moved key_derivation.rs from pbs_datastore to pbs-config/src/key_config.rs
Also moved pbs-datastore/src/crypt_config.rs to pbs-tools/src/crypt_config.rs. We do not want to depend on pbs-api-types there, so I use [u8;32] instead of Fingerprint.
This commit is contained in:
Dietmar Maurer
@ -9,14 +9,15 @@ use serde_json::{json, Value};
|
||||
|
||||
use proxmox::tools::digest_to_hex;
|
||||
|
||||
use pbs_datastore::{PROXMOX_BACKUP_READER_PROTOCOL_ID_V1, CryptConfig, BackupManifest};
|
||||
use pbs_tools::crypt_config::CryptConfig;
|
||||
use pbs_tools::sha::sha256;
|
||||
use pbs_datastore::{PROXMOX_BACKUP_READER_PROTOCOL_ID_V1, BackupManifest};
|
||||
use pbs_datastore::data_blob::DataBlob;
|
||||
use pbs_datastore::data_blob_reader::DataBlobReader;
|
||||
use pbs_datastore::dynamic_index::DynamicIndexReader;
|
||||
use pbs_datastore::fixed_index::FixedIndexReader;
|
||||
use pbs_datastore::index::IndexFile;
|
||||
use pbs_datastore::manifest::MANIFEST_BLOB_NAME;
|
||||
use pbs_tools::sha::sha256;
|
||||
|
||||
use super::{HttpClient, H2Client};
|
||||
|
||||
|
||||
@ -14,13 +14,14 @@ use tokio_stream::wrappers::ReceiverStream;
|
||||
|
||||
use proxmox::tools::digest_to_hex;
|
||||
|
||||
use pbs_datastore::{CATALOG_NAME, PROXMOX_BACKUP_PROTOCOL_ID_V1, CryptConfig};
|
||||
use pbs_tools::crypt_config::CryptConfig;
|
||||
use pbs_tools::format::HumanByte;
|
||||
use pbs_datastore::{CATALOG_NAME, PROXMOX_BACKUP_PROTOCOL_ID_V1};
|
||||
use pbs_datastore::data_blob::{ChunkInfo, DataBlob, DataChunkBuilder};
|
||||
use pbs_datastore::dynamic_index::DynamicIndexReader;
|
||||
use pbs_datastore::fixed_index::FixedIndexReader;
|
||||
use pbs_datastore::index::IndexFile;
|
||||
use pbs_datastore::manifest::{ArchiveType, BackupManifest, MANIFEST_BLOB_NAME};
|
||||
use pbs_tools::format::HumanByte;
|
||||
|
||||
use super::merge_known_chunks::{MergeKnownChunks, MergedChunkInfo};
|
||||
|
||||
|
||||
@ -5,7 +5,8 @@ use std::sync::{Arc, Mutex};
|
||||
|
||||
use anyhow::{bail, Error};
|
||||
|
||||
use pbs_datastore::{CryptConfig, CryptMode};
|
||||
use pbs_tools::crypt_config::CryptConfig;
|
||||
use pbs_api_types::CryptMode;
|
||||
use pbs_datastore::data_blob::DataBlob;
|
||||
use pbs_datastore::read_chunk::ReadChunk;
|
||||
use pbs_datastore::read_chunk::AsyncReadChunk;
|
||||
|
||||
@ -9,6 +9,7 @@ description = "Configuration file management for PBS"
|
||||
anyhow = "1.0"
|
||||
lazy_static = "1.4"
|
||||
serde = { version = "1.0", features = ["derive"] }
|
||||
serde_json = "1.0"
|
||||
openssl = "0.10"
|
||||
nix = "0.19.1"
|
||||
|
||||
|
||||
@ -7,9 +7,9 @@ use serde::{Deserialize, Serialize};
|
||||
use proxmox::tools::fs::{file_get_contents, replace_file, CreateOptions};
|
||||
use proxmox::try_block;
|
||||
|
||||
use pbs_api_types::{Kdf, KeyInfo};
|
||||
use pbs_api_types::{Kdf, KeyInfo, Fingerprint};
|
||||
|
||||
use crate::crypt_config::{CryptConfig, Fingerprint};
|
||||
use pbs_tools::crypt_config::CryptConfig;
|
||||
|
||||
/// Key derivation function configuration
|
||||
#[derive(Deserialize, Serialize, Clone, Debug)]
|
||||
@ -120,7 +120,7 @@ impl KeyConfig {
|
||||
pub fn without_password(raw_key: [u8; 32]) -> Result<Self, Error> {
|
||||
// always compute fingerprint
|
||||
let crypt_config = CryptConfig::new(raw_key.clone())?;
|
||||
let fingerprint = Some(crypt_config.fingerprint());
|
||||
let fingerprint = Some(Fingerprint::new(crypt_config.fingerprint()));
|
||||
|
||||
let created = proxmox::tools::time::epoch_i64();
|
||||
Ok(Self {
|
||||
@ -187,7 +187,7 @@ impl KeyConfig {
|
||||
|
||||
// always compute fingerprint
|
||||
let crypt_config = CryptConfig::new(raw_key.clone())?;
|
||||
let fingerprint = Some(crypt_config.fingerprint());
|
||||
let fingerprint = Some(Fingerprint::new(crypt_config.fingerprint()));
|
||||
|
||||
Ok(Self {
|
||||
kdf: Some(kdf),
|
||||
@ -258,7 +258,7 @@ impl KeyConfig {
|
||||
result.copy_from_slice(&key);
|
||||
|
||||
let crypt_config = CryptConfig::new(result.clone())?;
|
||||
let fingerprint = crypt_config.fingerprint();
|
||||
let fingerprint = Fingerprint::new(crypt_config.fingerprint());
|
||||
if let Some(ref stored_fingerprint) = self.fingerprint {
|
||||
if &fingerprint != stored_fingerprint {
|
||||
bail!(
|
||||
@ -1,5 +1,6 @@
|
||||
pub mod domains;
|
||||
pub mod drive;
|
||||
pub mod key_config;
|
||||
pub mod media_pool;
|
||||
pub mod remote;
|
||||
|
||||
|
||||
@ -27,3 +27,4 @@ proxmox = { version = "0.13.0", default-features = false, features = [ "api-macr
|
||||
|
||||
pbs-api-types = { path = "../pbs-api-types" }
|
||||
pbs-tools = { path = "../pbs-tools" }
|
||||
pbs-config = { path = "../pbs-config" }
|
||||
|
||||
@ -3,8 +3,7 @@ use std::sync::Arc;
|
||||
use std::io::Read;
|
||||
|
||||
use pbs_tools::borrow::Tied;
|
||||
|
||||
use super::CryptConfig;
|
||||
use pbs_tools::crypt_config::CryptConfig;
|
||||
|
||||
pub struct ChecksumReader<R> {
|
||||
reader: R,
|
||||
|
||||
@ -4,8 +4,7 @@ use std::io::Write;
|
||||
use anyhow::{Error};
|
||||
|
||||
use pbs_tools::borrow::Tied;
|
||||
|
||||
use super::CryptConfig;
|
||||
use pbs_tools::crypt_config::CryptConfig;
|
||||
|
||||
pub struct ChecksumWriter<W> {
|
||||
writer: W,
|
||||
|
||||
@ -3,7 +3,7 @@ use std::io::{Read, BufRead};
|
||||
|
||||
use anyhow::{bail, Error};
|
||||
|
||||
use super::CryptConfig;
|
||||
use pbs_tools::crypt_config::CryptConfig;
|
||||
|
||||
pub struct CryptReader<R> {
|
||||
reader: R,
|
||||
|
||||
@ -3,7 +3,7 @@ use std::io::Write;
|
||||
|
||||
use anyhow::Error;
|
||||
|
||||
use super::CryptConfig;
|
||||
use pbs_tools::crypt_config::CryptConfig;
|
||||
|
||||
pub struct CryptWriter<W> {
|
||||
writer: W,
|
||||
|
||||
@ -6,8 +6,10 @@ use openssl::symm::{decrypt_aead, Mode};
|
||||
|
||||
use proxmox::tools::io::{ReadExt, WriteExt};
|
||||
|
||||
use pbs_tools::crypt_config::CryptConfig;
|
||||
use pbs_api_types::CryptMode;
|
||||
|
||||
use super::file_formats::*;
|
||||
use super::{CryptConfig, CryptMode};
|
||||
|
||||
const MAX_BLOB_SIZE: usize = 128*1024*1024;
|
||||
|
||||
|
||||
@ -4,8 +4,9 @@ use std::sync::Arc;
|
||||
use anyhow::{bail, format_err, Error};
|
||||
use proxmox::tools::io::ReadExt;
|
||||
|
||||
use pbs_tools::crypt_config::CryptConfig;
|
||||
|
||||
use crate::checksum_reader::ChecksumReader;
|
||||
use crate::crypt_config::CryptConfig;
|
||||
use crate::crypt_reader::CryptReader;
|
||||
use crate::file_formats::{self, DataBlobHeader};
|
||||
|
||||
|
||||
@ -3,8 +3,9 @@ use proxmox::tools::io::WriteExt;
|
||||
use std::io::{Seek, SeekFrom, Write};
|
||||
use std::sync::Arc;
|
||||
|
||||
use pbs_tools::crypt_config::CryptConfig;
|
||||
|
||||
use crate::checksum_writer::ChecksumWriter;
|
||||
use crate::crypt_config::CryptConfig;
|
||||
use crate::crypt_writer::CryptWriter;
|
||||
use crate::file_formats::{self, DataBlobHeader, EncryptedDataBlobHeader};
|
||||
|
||||
|
||||
@ -186,7 +186,6 @@ pub mod checksum_writer;
|
||||
pub mod chunk_stat;
|
||||
pub mod chunk_store;
|
||||
pub mod chunker;
|
||||
pub mod crypt_config;
|
||||
pub mod crypt_reader;
|
||||
pub mod crypt_writer;
|
||||
pub mod data_blob;
|
||||
@ -194,7 +193,6 @@ pub mod data_blob_reader;
|
||||
pub mod data_blob_writer;
|
||||
pub mod file_formats;
|
||||
pub mod index;
|
||||
pub mod key_derivation;
|
||||
pub mod manifest;
|
||||
pub mod paperkey;
|
||||
pub mod prune;
|
||||
@ -210,15 +208,10 @@ pub use checksum_reader::ChecksumReader;
|
||||
pub use checksum_writer::ChecksumWriter;
|
||||
pub use chunk_store::ChunkStore;
|
||||
pub use chunker::Chunker;
|
||||
pub use crypt_config::{CryptConfig, CryptMode, Fingerprint};
|
||||
pub use crypt_reader::CryptReader;
|
||||
pub use crypt_writer::CryptWriter;
|
||||
pub use data_blob::DataBlob;
|
||||
pub use data_blob_reader::DataBlobReader;
|
||||
pub use data_blob_writer::DataBlobWriter;
|
||||
pub use key_derivation::{
|
||||
decrypt_key, load_and_decrypt_key, rsa_decrypt_key_config, rsa_encrypt_key_config,
|
||||
};
|
||||
pub use key_derivation::{KeyConfig, KeyDerivationConfig};
|
||||
pub use manifest::BackupManifest;
|
||||
pub use store_progress::StoreProgress;
|
||||
|
||||
@ -6,7 +6,10 @@ use anyhow::{bail, format_err, Error};
|
||||
use serde_json::{json, Value};
|
||||
use serde::{Deserialize, Serialize};
|
||||
|
||||
use crate::{BackupDir, CryptMode, CryptConfig, Fingerprint};
|
||||
use pbs_tools::crypt_config::CryptConfig;
|
||||
use pbs_api_types::{CryptMode, Fingerprint};
|
||||
|
||||
use crate::BackupDir;
|
||||
|
||||
pub const MANIFEST_BLOB_NAME: &str = "index.json.blob";
|
||||
pub const MANIFEST_LOCK_NAME: &str = ".index.json.lck";
|
||||
@ -188,7 +191,7 @@ impl BackupManifest {
|
||||
if let Some(crypt_config) = crypt_config {
|
||||
let sig = self.signature(crypt_config)?;
|
||||
manifest["signature"] = proxmox::tools::digest_to_hex(&sig).into();
|
||||
let fingerprint = &crypt_config.fingerprint();
|
||||
let fingerprint = &Fingerprint::new(crypt_config.fingerprint());
|
||||
manifest["unprotected"]["key-fingerprint"] = serde_json::to_value(fingerprint)?;
|
||||
}
|
||||
|
||||
@ -215,7 +218,7 @@ impl BackupManifest {
|
||||
fingerprint,
|
||||
),
|
||||
Some(crypt_config) => {
|
||||
let config_fp = crypt_config.fingerprint();
|
||||
let config_fp = Fingerprint::new(crypt_config.fingerprint());
|
||||
if config_fp != fingerprint {
|
||||
bail!(
|
||||
"wrong key - manifest's key {} does not match provided key {}",
|
||||
@ -242,7 +245,7 @@ impl BackupManifest {
|
||||
let fingerprint = &json["unprotected"]["key-fingerprint"];
|
||||
if fingerprint != &Value::Null {
|
||||
let fingerprint = serde_json::from_value(fingerprint.clone())?;
|
||||
let config_fp = crypt_config.fingerprint();
|
||||
let config_fp = Fingerprint::new(crypt_config.fingerprint());
|
||||
if config_fp != fingerprint {
|
||||
bail!(
|
||||
"wrong key - unable to verify signature since manifest's key {} does not match provided key {}",
|
||||
@ -283,7 +286,7 @@ impl TryFrom<super::DataBlob> for BackupManifest {
|
||||
#[test]
|
||||
fn test_manifest_signature() -> Result<(), Error> {
|
||||
|
||||
use crate::{KeyDerivationConfig};
|
||||
use pbs_config::key_config::KeyDerivationConfig;
|
||||
|
||||
let pw = b"test";
|
||||
|
||||
|
||||
@ -6,7 +6,7 @@ use serde::{Deserialize, Serialize};
|
||||
|
||||
use proxmox::api::api;
|
||||
|
||||
use crate::KeyConfig;
|
||||
use pbs_config::key_config::KeyConfig;
|
||||
|
||||
#[api()]
|
||||
#[derive(Debug, Serialize, Deserialize)]
|
||||
|
||||
@ -12,8 +12,6 @@ use openssl::hash::MessageDigest;
|
||||
use openssl::pkcs5::pbkdf2_hmac;
|
||||
use openssl::symm::{Cipher, Crypter, Mode};
|
||||
|
||||
pub use pbs_api_types::{CryptMode, Fingerprint};
|
||||
|
||||
// openssl::sha::sha256(b"Proxmox Backup Encryption Key Fingerprint")
|
||||
/// This constant is used to compute fingerprints.
|
||||
const FINGERPRINT_INPUT: [u8; 32] = [
|
||||
@ -104,8 +102,8 @@ impl CryptConfig {
|
||||
///
|
||||
/// This computes a digest using the derived key (id_key) in order
|
||||
/// to hinder brute force attacks.
|
||||
pub fn fingerprint(&self) -> Fingerprint {
|
||||
Fingerprint::new(self.compute_digest(&FINGERPRINT_INPUT))
|
||||
pub fn fingerprint(&self) -> [u8; 32] {
|
||||
self.compute_digest(&FINGERPRINT_INPUT)
|
||||
}
|
||||
|
||||
/// Returns an openssl Crypter using AES_256_GCM,
|
||||
@ -6,6 +6,7 @@ pub mod broadcast_future;
|
||||
pub mod cert;
|
||||
pub mod cli;
|
||||
pub mod compression;
|
||||
pub mod crypt_config;
|
||||
pub mod format;
|
||||
pub mod fd;
|
||||
pub mod fs;
|
||||
|
||||
@ -26,6 +26,7 @@ proxmox = { version = "0.13.0", features = [ "sortable-macro", "api-macro", "cli
|
||||
|
||||
pbs-api-types = { path = "../pbs-api-types" }
|
||||
pbs-buildcfg = { path = "../pbs-buildcfg" }
|
||||
pbs-config = { path = "../pbs-config" }
|
||||
pbs-client = { path = "../pbs-client" }
|
||||
pbs-datastore = { path = "../pbs-datastore" }
|
||||
pbs-fuse-loop = { path = "../pbs-fuse-loop" }
|
||||
|
||||
@ -19,9 +19,10 @@ use proxmox::api::{
|
||||
schema::ApiType,
|
||||
};
|
||||
|
||||
use pbs_tools::crypt_config::CryptConfig;
|
||||
use pbs_config::key_config::{KeyDerivationConfig, load_and_decrypt_key};
|
||||
use pbs_client::tools::key_source::get_encryption_key_password;
|
||||
use pbs_client::{BackupRepository, BackupWriter};
|
||||
use pbs_datastore::{CryptConfig, KeyDerivationConfig, load_and_decrypt_key};
|
||||
use pbs_datastore::data_blob::{DataBlob, DataChunkBuilder};
|
||||
|
||||
use crate::{
|
||||
|
||||
@ -10,6 +10,7 @@ use proxmox::api::{api, cli::*};
|
||||
use pbs_client::tools::key_source::get_encryption_key_password;
|
||||
use pbs_client::{BackupReader, RemoteChunkReader};
|
||||
use pbs_tools::json::required_string_param;
|
||||
use pbs_tools::crypt_config::CryptConfig;
|
||||
|
||||
use crate::{
|
||||
REPO_URL_SCHEMA,
|
||||
@ -31,7 +32,6 @@ use crate::{
|
||||
BufferedDynamicReadAt,
|
||||
CatalogReader,
|
||||
CATALOG_NAME,
|
||||
CryptConfig,
|
||||
DynamicIndexReader,
|
||||
IndexFile,
|
||||
Shell,
|
||||
|
||||
@ -15,7 +15,7 @@ use proxmox::sys::linux::tty;
|
||||
use proxmox::tools::fs::{file_get_contents, replace_file, CreateOptions};
|
||||
|
||||
use pbs_api_types::{RsaPubKeyInfo, PASSWORD_HINT_SCHEMA, Kdf, KeyInfo};
|
||||
use pbs_datastore::{KeyConfig, rsa_decrypt_key_config};
|
||||
use pbs_config::key_config::{KeyConfig, rsa_decrypt_key_config};
|
||||
use pbs_datastore::paperkey::{generate_paper_key, PaperkeyFormat};
|
||||
use pbs_client::tools::key_source::{
|
||||
find_default_encryption_key, find_default_master_pubkey, get_encryption_key_password,
|
||||
|
||||
@ -29,7 +29,7 @@ use pxar::accessor::{MaybeReady, ReadAt, ReadAtOperation};
|
||||
|
||||
use pbs_api_types::{
|
||||
BACKUP_ID_SCHEMA, BACKUP_TIME_SCHEMA, BACKUP_TYPE_SCHEMA, Authid, CryptMode, GroupListItem,
|
||||
PruneListItem, SnapshotListItem, StorageStatus,
|
||||
PruneListItem, SnapshotListItem, StorageStatus, Fingerprint,
|
||||
};
|
||||
use pbs_client::{
|
||||
BACKUP_SOURCE_SCHEMA,
|
||||
@ -60,7 +60,8 @@ use pbs_client::tools::{
|
||||
},
|
||||
CHUNK_SIZE_SCHEMA, REPO_URL_SCHEMA,
|
||||
};
|
||||
use pbs_datastore::{CATALOG_NAME, CryptConfig, KeyConfig, decrypt_key, rsa_encrypt_key_config};
|
||||
use pbs_config::key_config::{KeyConfig, decrypt_key, rsa_encrypt_key_config};
|
||||
use pbs_datastore::CATALOG_NAME;
|
||||
use pbs_datastore::backup_info::{BackupDir, BackupGroup};
|
||||
use pbs_datastore::catalog::{BackupCatalogWriter, CatalogReader, CatalogWriter};
|
||||
use pbs_datastore::chunk_store::verify_chunk_size;
|
||||
@ -75,6 +76,7 @@ use pbs_datastore::prune::PruneOptions;
|
||||
use pbs_tools::sync::StdChannelWriter;
|
||||
use pbs_tools::tokio::TokioWriterAdapter;
|
||||
use pbs_tools::json;
|
||||
use pbs_tools::crypt_config::CryptConfig;
|
||||
|
||||
mod benchmark;
|
||||
pub use benchmark::*;
|
||||
@ -1131,7 +1133,7 @@ async fn restore(param: Value) -> Result<Value, Error> {
|
||||
eprintln!("{}", format_key_source(&key.source, "encryption"));
|
||||
}
|
||||
if let Some(config) = &crypt_config {
|
||||
eprintln!("Fingerprint: {}", config.fingerprint());
|
||||
eprintln!("Fingerprint: {}", Fingerprint::new(config.fingerprint()));
|
||||
}
|
||||
}
|
||||
manifest.check_fingerprint(crypt_config.as_ref().map(Arc::as_ref))?;
|
||||
|
||||
@ -17,7 +17,9 @@ use proxmox::{sortable, identity};
|
||||
use proxmox::api::{ApiHandler, ApiMethod, RpcEnvironment, schema::*, cli::*};
|
||||
use proxmox::tools::fd::Fd;
|
||||
|
||||
use pbs_datastore::{BackupDir, BackupGroup, CryptConfig, load_and_decrypt_key};
|
||||
use pbs_tools::crypt_config::CryptConfig;
|
||||
use pbs_config::key_config::load_and_decrypt_key;
|
||||
use pbs_datastore::{BackupDir, BackupGroup, };
|
||||
use pbs_datastore::index::IndexFile;
|
||||
use pbs_datastore::dynamic_index::BufferedDynamicReader;
|
||||
use pbs_datastore::cached_chunk_reader::CachedChunkReader;
|
||||
|
||||
@ -8,10 +8,11 @@ use proxmox::{
|
||||
tools::fs::file_get_contents,
|
||||
};
|
||||
|
||||
use pbs_api_types::SnapshotListItem;
|
||||
use pbs_tools::crypt_config::CryptConfig;
|
||||
use pbs_config::key_config::decrypt_key;
|
||||
use pbs_api_types::{SnapshotListItem, CryptMode};
|
||||
use pbs_client::tools::key_source::get_encryption_key_password;
|
||||
use pbs_datastore::{BackupGroup, CryptMode, CryptConfig, decrypt_key};
|
||||
use pbs_datastore::data_blob::DataBlob;
|
||||
use pbs_datastore::{DataBlob, BackupGroup};
|
||||
use pbs_tools::json::required_string_param;
|
||||
|
||||
use crate::{
|
||||
|
||||
@ -11,6 +11,7 @@ serde_json = "1.0"
|
||||
|
||||
proxmox = { version = "0.13.0", features = [ "api-macro", "cli" ] }
|
||||
|
||||
pbs-config = { path = "../pbs-config" }
|
||||
pbs-client = { path = "../pbs-client" }
|
||||
pbs-datastore = { path = "../pbs-datastore" }
|
||||
pbs-runtime = { path = "../pbs-runtime" }
|
||||
|
||||
@ -12,6 +12,8 @@ use proxmox::api::cli::{
|
||||
};
|
||||
use proxmox::api::{api, cli::*};
|
||||
|
||||
use pbs_tools::cli::outfile_or_stdout;
|
||||
use pbs_tools::crypt_config::CryptConfig;
|
||||
use pbs_datastore::dynamic_index::DynamicIndexReader;
|
||||
use pbs_datastore::file_formats::{
|
||||
COMPRESSED_BLOB_MAGIC_1_0, DYNAMIC_SIZED_CHUNK_INDEX_1_0, ENCRYPTED_BLOB_MAGIC_1_0,
|
||||
@ -19,11 +21,10 @@ use pbs_datastore::file_formats::{
|
||||
};
|
||||
use pbs_datastore::fixed_index::FixedIndexReader;
|
||||
use pbs_datastore::index::IndexFile;
|
||||
use pbs_datastore::{load_and_decrypt_key, CryptConfig, DataBlob};
|
||||
|
||||
use pbs_datastore::DataBlob;
|
||||
use pbs_config::key_config::load_and_decrypt_key;
|
||||
use pbs_client::tools::key_source::get_encryption_key_password;
|
||||
|
||||
use pbs_tools::cli::outfile_or_stdout;
|
||||
|
||||
/// Decodes a blob and writes its content either to stdout or into a file
|
||||
fn decode_blob(
|
||||
|
||||
@ -7,17 +7,17 @@ use serde_json::Value;
|
||||
|
||||
use proxmox::api::api;
|
||||
use proxmox::api::cli::{CliCommand, CliCommandMap, CommandLineInterface};
|
||||
use proxmox::tools::digest_to_hex;
|
||||
|
||||
use pbs_tools::crypt_config::CryptConfig;
|
||||
use pbs_datastore::dynamic_index::DynamicIndexReader;
|
||||
use pbs_datastore::file_formats::{DYNAMIC_SIZED_CHUNK_INDEX_1_0, FIXED_SIZED_CHUNK_INDEX_1_0};
|
||||
use pbs_datastore::fixed_index::FixedIndexReader;
|
||||
use pbs_datastore::index::IndexFile;
|
||||
use pbs_datastore::{load_and_decrypt_key, CryptConfig, DataBlob};
|
||||
|
||||
use pbs_datastore::DataBlob;
|
||||
use pbs_config::key_config::load_and_decrypt_key;
|
||||
use pbs_client::tools::key_source::get_encryption_key_password;
|
||||
|
||||
use proxmox::tools::digest_to_hex;
|
||||
|
||||
#[api(
|
||||
input: {
|
||||
properties: {
|
||||
|
||||
@ -20,6 +20,7 @@ proxmox = { version = "0.13.0", features = [ "api-macro", "cli" ] }
|
||||
|
||||
pbs-api-types = { path = "../pbs-api-types" }
|
||||
pbs-buildcfg = { path = "../pbs-buildcfg" }
|
||||
pbs-config = { path = "../pbs-config" }
|
||||
pbs-client = { path = "../pbs-client" }
|
||||
pbs-datastore = { path = "../pbs-datastore" }
|
||||
pbs-runtime = { path = "../pbs-runtime" }
|
||||
|
||||
@ -17,13 +17,14 @@ use proxmox::tools::fs::{create_path, CreateOptions};
|
||||
use pxar::accessor::aio::Accessor;
|
||||
use pxar::decoder::aio::Decoder;
|
||||
|
||||
use pbs_tools::crypt_config::CryptConfig;
|
||||
use pbs_api_types::CryptMode;
|
||||
use pbs_datastore::{CryptConfig, CATALOG_NAME};
|
||||
use pbs_datastore::CATALOG_NAME;
|
||||
use pbs_datastore::backup_info::BackupDir;
|
||||
use pbs_datastore::catalog::{ArchiveEntry, CatalogReader, DirEntryAttribute};
|
||||
use pbs_datastore::dynamic_index::{BufferedDynamicReader, LocalDynamicReadAt};
|
||||
use pbs_datastore::index::IndexFile;
|
||||
use pbs_datastore::key_derivation::decrypt_key;
|
||||
use pbs_config::key_config::decrypt_key;
|
||||
use pbs_client::{BackupReader, RemoteChunkReader};
|
||||
use pbs_client::pxar::{create_zip, extract_sub_dir, extract_sub_dir_seq};
|
||||
use pbs_client::tools::{
|
||||
|
||||
@ -12,7 +12,7 @@ use proxmox::{
|
||||
};
|
||||
|
||||
use pbs_api_types::{Fingerprint, KeyInfo, Kdf};
|
||||
use pbs_datastore::key_derivation::KeyConfig;
|
||||
use pbs_config::key_config::KeyConfig;
|
||||
use pbs_config::open_backup_lockfile;
|
||||
|
||||
use crate::{
|
||||
|
||||
@ -4,7 +4,8 @@ use std::sync::Arc;
|
||||
|
||||
use anyhow::{bail, Error};
|
||||
|
||||
use pbs_datastore::crypt_config::{CryptConfig, CryptMode};
|
||||
use pbs_tools::crypt_config::CryptConfig;
|
||||
use pbs_api_types::CryptMode;
|
||||
use pbs_datastore::data_blob::DataBlob;
|
||||
use pbs_datastore::read_chunk::{ReadChunk, AsyncReadChunk};
|
||||
|
||||
|
||||
@ -17,8 +17,7 @@ use serde::{Deserialize, Serialize};
|
||||
|
||||
use proxmox::tools::fs::file_read_optional_string;
|
||||
use pbs_api_types::Fingerprint;
|
||||
use pbs_datastore::key_derivation::KeyConfig;
|
||||
|
||||
use pbs_config::key_config::KeyConfig;
|
||||
use pbs_config::{open_backup_lockfile, replace_secret_config};
|
||||
|
||||
mod hex_key {
|
||||
|
||||
@ -28,7 +28,7 @@ use proxmox::{
|
||||
};
|
||||
|
||||
use pbs_api_types::Fingerprint;
|
||||
use pbs_datastore::key_derivation::KeyConfig;
|
||||
use pbs_config::key_config::KeyConfig;
|
||||
use pbs_tools::run_command;
|
||||
|
||||
use crate::{
|
||||
|
||||
@ -28,11 +28,10 @@ use proxmox::{
|
||||
api::section_config::SectionConfigData,
|
||||
};
|
||||
|
||||
use pbs_api_types::Fingerprint;
|
||||
use pbs_datastore::key_derivation::KeyConfig;
|
||||
use pbs_api_types::{VirtualTapeDrive, LtoTapeDrive, Fingerprint};
|
||||
use pbs_config::key_config::KeyConfig;
|
||||
use pbs_datastore::task::TaskState;
|
||||
use pbs_datastore::task_log;
|
||||
use pbs_api_types::{VirtualTapeDrive, LtoTapeDrive};
|
||||
|
||||
use crate::{
|
||||
server::{
|
||||
|
||||
@ -10,7 +10,7 @@ use proxmox::tools::{
|
||||
fs::{replace_file, CreateOptions},
|
||||
};
|
||||
|
||||
use pbs_datastore::key_derivation::KeyConfig;
|
||||
use pbs_config::key_config::KeyConfig;
|
||||
|
||||
use crate::{
|
||||
tape::{
|
||||
|
||||
@ -4,7 +4,8 @@ use std::io::Cursor;
|
||||
use std::io::{Read, Write, Seek, SeekFrom };
|
||||
use lazy_static::lazy_static;
|
||||
|
||||
use pbs_datastore::{CryptConfig, DataBlob, DataBlobReader, DataBlobWriter};
|
||||
use pbs_tools::crypt_config::CryptConfig;
|
||||
use pbs_datastore::{DataBlob, DataBlobReader, DataBlobWriter};
|
||||
|
||||
lazy_static! {
|
||||
static ref TEST_DATA: Vec<u8> = {
|
||||
|
||||
Reference in New Issue
Block a user